Using raw hash functions to authenticate passwords is as naive as using unsalted hash functions. Don’t.
-- Thomas Ptacek

BCrypt.net is an implementation of OpenBSD's Blowfish-based password hashing code, described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazières. It is a direct port of jBCrypt by Damien Miller, and is thus released under the same BSD-style license. The code is fully managed and should work with any little-endian CLI (Common Language Infrastructure) implementation -- it has been tested with Microsoft .NET and Mono.

Why BCrypt?

Most popular password storage schemes are based on fast hashing algorithms such as MD5 and SHA-1. BCrypt is a computationally expensive adaptive hashing scheme which utilizes the Blowfish block cipher. It is ideally suited for password storage, as its slow initialization time severely limits the effectiveness of brute-force password cracking attempts. How much overhead it adds is configurable (that's the adaptive part), so the computational resources required to test a password candidate can grow along with advancements in hardware capabilities.

Usage

Using BCrypt in your code is very simple:

// Pass a logRounds parameter to GenerateSalt to explicitly specify the
// amount of resources required to check the password. The work factor
// increases exponentially, so each increment is twice as much work. If
// omitted, a default of 10 is used.
string hashed = BCrypt.HashPassword(password, BCrypt.GenerateSalt(12));
// Check the password.
bool matches = BCrypt.CheckPassword(candidate, hashed);
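As an added example (not part of BCrypt.net or the original post), a small Python parser for the string BCrypt.HashPassword returns, showing how the cost factor is encoded in the hash and how a stored hash can be checked against a minimum-cost policy so it can be regenerated when the work factor is raised. The $2a/$2y/$2b version prefixes and the 4..31 cost range are bcrypt conventions; the sample hash string is constructed for the parser and is not a real test vector.

```python
import re

# bcrypt's modular-crypt string: $<version>$<cost>$<22-char salt><31-char digest>,
# written in bcrypt's own base64 alphabet (./A-Za-z0-9, not RFC 4648).
_BCRYPT_RE = re.compile(
    r"^\$(?P<version>2[abxy]?)\$(?P<cost>\d{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<digest>[./A-Za-z0-9]{31})$"
)

MIN_COST, MAX_COST = 4, 31  # the cost (log rounds) range bcrypt defines


def parse_bcrypt(hashed: str) -> dict:
    """Split a bcrypt hash into its fields and reject malformed input."""
    m = _BCRYPT_RE.match(hashed)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    cost = int(m.group("cost"))
    if not MIN_COST <= cost <= MAX_COST:
        raise ValueError(f"cost {cost} outside {MIN_COST}..{MAX_COST}")
    return {
        "version": m.group("version"),
        "cost": cost,
        "rounds": 1 << cost,  # key-setup iterations: each +1 doubles the work
        "salt": m.group("salt"),
        "digest": m.group("digest"),
    }


def needs_rehash(hashed: str, min_cost: int,
                 allowed_versions=("2a", "2b", "2y")) -> bool:
    """True if a stored hash should be regenerated on the next successful login:
    its cost is below the current policy, or its version prefix is not one the
    deployment accepts (e.g. $2x, which crypt_blowfish uses to mark hashes made
    by its pre-fix implementation)."""
    info = parse_bcrypt(hashed)
    return info["cost"] < min_cost or info["version"] not in allowed_versions


def relative_work(old_cost: int, new_cost: int) -> float:
    """How many times more work a hash at new_cost takes than one at old_cost."""
    return 2 ** (new_cost - old_cost)


# Constructed sample, not a real test vector: cost 12, dummy salt and digest.
SAMPLE = "$2a$12$" + "abcdefghijklmnopqrstuv" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234"

if __name__ == "__main__":
    print(parse_bcrypt(SAMPLE))
    print("rehash needed at policy cost 13:", needs_rehash(SAMPLE, 13))
```

A login handler would call needs_rehash right after CheckPassword succeeds, since that is the only moment the plaintext is available to compute a replacement hash at the higher cost.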

The source code is available via the links below. You can download the packaged version, which includes an NUnit-based test suite, or download the source directly via BCrypt.cs.

It looks like an implementation of this is available at http://bcrypt.codeplex.com/ - seems to have fixed the work factor 31 bug.

Tuesday, September 20, 2011 5:06:55 AM by Barsham

Good Job.

Wednesday, December 12, 2012 4:57:10 PM by Keith

Is there a way to prove that this implementation is "$2y"-worthy? Use of "$2a" is discouraged because of a flawed implementation for Unix platforms, but I can't find many details on the exact issue (including, ideally, passwords and resulting hashes proving an implementation does not have the vulnerability)

Monday, June 03, 2013 11:48:50 PM by Saurabh Bansal

Can you please help me port jasypt to .NET?

Tuesday, July 30, 2013 3:54:34 AM by A

CryptSharp includes the $2y$ implementation of BCrypt, just as an fyi - http://www.zer7.com/software.php?page=cryptsharp

Wednesday, August 13, 2014 12:41:52 PM by Hannes

Very helpful, thanks!

Saturday, February 13, 2016 12:39:02 AM by tiago pereira

And how to retrieve the hashed password?

Tuesday, November 08, 2016 9:02:17 AM by mohammed tayel

Does this DLL support CNG?


About

CTO at Amperity in Seattle, building a data-first application for marketing.